Vectra AI announced Attack Signal Intelligence - groundbreaking technology that
automates threat detection, triage and prioritization for SOC teams. As
organizations face ever-growing unknown cyber threats targeting on-premises and
cloud infrastructure, SaaS applications and data, and identity systems, SOC
teams are challenged to keep pace. More attack surface to cover, combined with
more modern, evasive and sophisticated attackers, has resulted in more manual
time spent maintaining detection rules, triaging alerts and figuring out which
alerts to prioritize - resulting in analyst fatigue and burnout.

Vectra's Security AI-driven Attack Signal Intelligence frees security analysts
from these everyday manual and mundane tasks and arms them to do what they do
best - investigate and respond to real attacks. Core to the Vectra platform,
Vectra MDR services and the expanding Vectra ecosystem, Attack Signal
Intelligence empowers security analysts to:
- Think like an attacker with AI-driven Detections that go beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the cyber kill chain.
- Know what is malicious by analyzing detection patterns unique to an organization's environment to surface relevant events and reduce noise.
- Focus on the urgent with AI-driven Prioritization that provides a view of threats by severity and impact, enabling analysts to focus on responding to critical threats and lowering business risk.

Today's security teams are challenged with defending an ever-expanding attack
surface and countering more evasive attacker methods while contending with
overwhelming alert noise. These challenges all contribute to threat actors'
increasing ability to beat prevention tools, circumvent signatures and
detection rules, and bypass multi-factor authentication to infiltrate and
progress laterally inside an organization while going unnoticed. According to
Vectra's Global Research Study, 72% of security practitioners believe that they
have been breached but don't know it.

"The unknown compromise is the
single biggest security risk organizations face today. Far more complex environments with
greater attack surface exposure, more evasive attacker methods and overwhelming
noise are all leading to unknowns for security teams," said Kevin
Kennedy, SVP of Product at Vectra. "To erase these unknowns, security
teams need more reliable, accurate and timely intelligence across all attack
entry points and attack surfaces. Vectra's Attack Signal Intelligence is the first technology
of its kind to automate threat detection, triage and prioritization so
defenders can get ahead and stay ahead of modern attacks. Threat intelligence gives security the
confidence to mitigate what is known. Vectra Attack Signal Intelligence gives security the
confidence to mitigate what was previously unknown."

By harnessing Attack Signal Intelligence with the Vectra platform, Vectra MDR
services and the Vectra ecosystem, security teams detect real attacks and their
progression throughout the cyber kill chain so they can rapidly investigate and
stop an attack from becoming a breach. In contrast to approaches that leverage
AI for anomaly detection and require human tuning and maintenance, Vectra
Attack Signal Intelligence continuously and automatically monitors for attacker
methods with a set of Security AI models programmed with an understanding of
attacker TTPs. The results run through another layer of AI, which combines an
understanding of the organization's environment with threat models and human
threat intelligence to automatically surface and prioritize threats based on
severity and impact. The result is that security teams are 85% more efficient
in identifying actual threats and achieve >2x higher security operations
productivity.

Vectra Attack Signal Intelligence is
built into all Vectra Cloud, Identity and Network Threat Detection and Response
products and services:
- Vectra CDR for AWS
- Vectra CDR for Microsoft 365
- Vectra IDR for Microsoft Azure AD
- Vectra NDR for on-premises and cloud networks
- Vectra MDR for cloud, identity and network threat detection and response